<?php
	$requested_id=$_REQUEST['requested_id'];
	ob_start();

	session_start();

	include('includes/connect.php');
	if(isset($requested_id) && $requested_id='confirm')
	{
		$user = $_REQUEST['username'];

		$password = $_REQUEST['password'];
	}
	else
	{
		$user = $_POST['username'];

		$password = $_POST['password'];
	}

	$query  = "SELECT * FROM users where email_id='".trim($user)."'";

	$result = mysql_query($query);

		if(mysql_num_rows($result)!="")
		{ 
			while($row = mysql_fetch_assoc($result))
			{

				if(trim($password)==trim($row['password']))
				{ 
					$_SESSION['user_id']= $row['user_id'];
					$_SESSION['fname']= $row['fname'];
					$_SESSION['lname']= $row['lname'];
					$_SESSION['email_id']= $row['email_id'];
					$_SESSION['location'] = $row['location'];
					$_SESSION['gender'] = $row['gender'];
					$_SESSION['birthdate'] = $row['birthdate'];
					$_SESSION['password']= $row['password'];
					$_SESSION['profile_id']= $row['profile_id'];
					$_SESSION['record_status']=$row['record_status'];
					
					if(isset($requested_id) && $requested_id='confirm')
					{
						$url = "confirm-email.php";
					}
					else
					{
						if($_SESSION['record_status']=='Y')
						{
							$url = "myhome.php";
						}
						else
						{
							$url = "verify-email.php";
						}
					}
					header("Location: $url"); // perform correct redirect.

					exit;

				} 
				
				else
				{ 

					 header('Location:login.php?er=1');

				 }
			}  
		}

		else

		{ 

			header('Location:login.php?er=2');

		}

		ob_flush();
?>